Forum Discussion

chriscanning's avatar
chriscanning
Copper Contributor
Feb 13, 2024

Full Control for a MS List without being Site Owner

Hi,

 

I have an issue where we have SharePoint list items that have been allocated individual permission via Power Automate. I want to have 'full control' allocated to each item similar to how SharePoint Site Owners still retain full control of the overall list and the individual permissioned items within it. 

 

I can't add the user group into the the site owner group as I don't want members of this group to have full control / access of the entire site, only the specified MS list.

 

I tried giving the group 'full control' in the MS list outside of the owner group, but it doesn't seem to translate into permissions for the individual items.   

 

Is there a way around this?

 

 

  • ganeshsanap's avatar
    ganeshsanap
    Feb 15, 2024

    chriscanning 

     

    You can first use EnsureUser endpoint and then roleassignments/addroleassignment endpoint to assign the permissions to security groups on the individual list items.

     

    Refer this article for related information: SharePoint Online: Grant Permissions to Azure AD Security group using Power Automate and REST API - here I am granting permissions at "site" level but you have to grant permissions at "item" level (similar endpoint as you are using for granting permissions to users/members).


    Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.

  • chriscanning 

     

    Try these two things:

    1. Grant full control permissions at the "list" level - this will give full control for list items inheriting permissions from the list: I think you already this as per your screenshot.
    2. After step #1, grant full control permissions on each individual item via Power automate flow - this will give full control for list items with unique permissions.

    Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.

    • chriscanning's avatar
      chriscanning
      Copper Contributor

      ganeshsanap ,

       

      Thanks for the reply. Yes I have continued looking into this and came to the same conclusion. Any idea how to do this for a security group as opposed to the SharePoint site members group?   

      • ganeshsanap's avatar
        ganeshsanap
        MVP

        chriscanning 

         

        You can first use EnsureUser endpoint and then roleassignments/addroleassignment endpoint to assign the permissions to security groups on the individual list items.

         

        Refer this article for related information: SharePoint Online: Grant Permissions to Azure AD Security group using Power Automate and REST API - here I am granting permissions at "site" level but you have to grant permissions at "item" level (similar endpoint as you are using for granting permissions to users/members).


        Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.

Resources